Command Injection
fs-path node module is vulnerable to command injection by way of user-supplied inputs via the copy, copySync, remove, and removeSync methods.
Advisories for Npm/Fs-Path package
2021
2019
Command Injection in fs-path
fs-path is vulnerable to command injection is unsanitized user input is passed in.